netstat: strip the binary of sgid
AcceptedPublic
Actions

Authored by kevans on Mon, Oct 21, 4:22 AM.

Details

Reviewers

glebius

Group Reviewers

network

Summary

Everything in the live path seems to use sysctls these days, with kvm
only being used for pulling information from core dumps. Strip the
binary of /dev/{k,}mem access to reduce the surface area with access
to kmem.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 60143
Build 57027: arc lint + arc unit

Event Timeline

kevans created this revision.Mon, Oct 21, 4:22 AM

Herald added a subscriber: imp. · View Herald TranscriptMon, Oct 21, 4:22 AM

kevans requested review of this revision.Mon, Oct 21, 4:22 AM

Harbormaster completed remote builds in B60109: Diff 145239.Mon, Oct 21, 4:22 AM

There are some calls setgid(getgid()) in netstat which aim to drop privileges. I guess those should be removed too?

Drop setgid(2) calls meant to drop privileges, now that we don't have privs

Harbormaster completed remote builds in B60143: Diff 145329.Tue, Oct 22, 3:14 AM

In D47210#1076527, @markj wrote:

There are some calls setgid(getgid()) in netstat which aim to drop privileges. I guess those should be removed too?

I also found one other call to kresolve_list() that I thought could go away, but it turns out that we actually still need /dev/mem for netstat -rs. Shelving this for the time being, but reimplementing rt_stats() for the live case doesn't seem like it'd be too difficult.

kevans added a parent revision: D47231: netstat: convert routing statistics to a sysctl.Tue, Oct 22, 3:52 AM

glebius accepted this revision as: glebius.Tue, Oct 22, 5:06 PM

This revision is now accepted and ready to land.Tue, Oct 22, 5:06 PM